Wireshark-commits: [Wireshark-commits] master bf14d8f: dtls: avoid possible NULL deref
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf14d8faf8d6de5e841fe8f5ab5210b1b7a426a4
Submitter: Alexis La Goutte (alexis.lagoutte@xxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
bf14d8f by Peter Wu (peter@xxxxxxxxxxxxx):
dtls: avoid possible NULL deref
"decoder->flow" could result in a NULL pointer dereference if a null
cipher was in use (caught by Clang static analyzer).
Answering the questions:
- DTLS records fragments do not need to be reassembled, thus there is no
flow. The Handshake messages have their own fragment_offset field and
thus there is no need to maintain an extra flow.
- Actually one datagram can contain multiple records (RFC 6347, 4.1.1),
but this is not implemented yet. The key can however not be "0"
though, it must match the offsets from ssl_get_record_info.
Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
Change-Id: Iac367a68a2936559cd5d557f877c5598114cadca
Reviewed-on: https://code.wireshark.org/review/19892
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Actions performed:
from 5dde07c GSM A / NAS-EPS: detect missing mandatory information elements
adds bf14d8f dtls: avoid possible NULL deref
Summary of changes:
epan/dissectors/packet-dtls.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)